The goal of this presentation is to explain the Security Level and the concepts of standard ISA/IEC 62446-3-3, which describes the security requirements for each Security Requirement, and to illustrate this concept through Foundational Requirement 5 Restricted Data Flow, RDF. The RDF Security Level Targeted versus Achieved of the conduit between Level 3.5 and Level 4 is paramount to reach the right cyber security protection of the ICS/DCS network against Outsider Threat. This is also the most challenging to implement because of the conflicting requirements between IT and ICS network users.
In the first part of the presentation, we will quickly refresh the memory of the audience about the standard ISA/IEC 62443, Security Levels and Zones & Conduits. From the Critical Infrastructure Operators point of view, this is critical to understand to be able to select the proper.
In the second part of the presentation, we will review the different options to implement L3.5/L4 Conduit RDF requirements.
And in the third and final part of the presentation, we will go through lessons learned during different projects for major critical infrastructure operators.
Mr. Khawar Iqbal (Author/Presenter)
Business Development Manager
Global Security Network (GSN)
Khawar Iqbal, BSc in Engineering, has worked as IT/OT engineer for more than ten years and in the Cyber Security field for more than eight years.
In 2009, Iqbal started his career as ABB Control & Instrumentation Engineer contracted by Descon Engineering and completed a National Cement Manufacturing Plant project producing 7000 tons per day.
In 2010, Iqbal moved to KSA and worked for a German company Detecon, responsible for maintaining Saudi Telecom Network Infrastructure. He oversaw corporate MPLS security for customers like Industrial Areas, Oil & Gas, Border control, Steel, and Polymer companies in the Eastern region of KSA.
In 2013, Iqbal moved to the UAE and joined the Automation Company eWorld. There he worked as a cyber security architect and served regional Oil & Gas companies for IDS/IPS systems and Achilles test platforms. Certified in HUET / BOSEIT, Iqbal worked as a contractor for three offshore facilities and two petrochemical facilities in Saudi Arabia.
In 2019, Iqbal joined GSN and currently looks after OT cyber assessment, onsite orchestration, and assists the engineering team. He is a certified engineer having experience working with various VA tools like Nozomi, GE Opshield, and TrendMicro TXone